Getting Proftpd working with TLS / SSL

ProFTPD grew out of the desire to have a secure and configurable FTP server that aims to offer the feature set required for more sophisticated FTP sites. Out of the box the FTP transactions are not secure, they are not encrypted at all. Seeking to encrypt my traffic I spent hours trying to get ProFTPD 1.3.2c (the version in Ubuntu 10.04's repositories) working with TLS. Only to find out there is a bug in ProFTPD 1.3.2c read on to see how I overcame the problem...

Transport Layer Security (TLS) and its predecessor, Secure Sockets Layer (SSL) are cryptographic protocols that provide communication security over the Internet.

I followed this guide initially to set up my certificates and keys for ProFTPD and then resulted to the steps below to get TLSv1/SSL3 working with ProFTPD 1.3.2c.

Before you're fully up an running you must make the proftpd.key.pem readable only by root:
chmod 0600 /etc/ssl/private/proftpd.key.pem
chmod 0640 /etc/ssl/private/proftpd.cert.pem

Now to add TLS support to your ProFTPD config, for simplicity I am going to call out of the ProFTPD config file to a TLS specific config:
sudo gedit /etc/proftpd/proftpd.conf
Add the line:
# This is used for FTPS connections
Include /etc/proftpd/tls.conf
Then create the TLS config at /etc/proftpd/tls.conf using: 
sudo gedit /etc/proftpd/tls.conf
Include the following lines:
# Proftpd sample configuration for FTPS connections.
# Note that FTPS impose some limitations in NAT traversing.
# See
# for more information.

<IfModule mod_tls.c>
TLSEngine                               on
TLSLog                                  /var/log/proftpd/tls.log
TLSProtocol                             SSLv23
TLSRSACertificateFile                   /etc/proftpd/ssl/proftpd.cert.pem
TLSRSACertificateKeyFile                /etc/proftpd/ssl/proftpd.key.pem
# Avoid CA cert and allow client renegotiation (to overcome 1.3.2c bug 3324)
TLSOptions                             NoCertRequest AllowClientRenegotiation
# Authenticate clients that want to use FTP over TLS?
TLSVerifyClient                         off
# Are clients required to use FTP over TLS when talking to this server?
TLSRequired                             on
# Allow SSL/TLS renegotiations when the client requests them, but
# do not force the renegotations.  Some clients do not support
# SSL/TLS renegotiations; when mod_tls forces a renegotiation, these
# clients will close the data connection, or there will be a timeout
# on an idle data connection.
TLSRenegotiate                          required off
I've found that it is critical to have only one TLSOptions line in your config with AllowClientRenegotiation. Otherwise I frequently encountered the following error from my FTP client since the AllowClientRenegotiation option was not parsed correctly from the config file:
mod_tls/2.0.6[1395]: unable to accept TLS
connection: error:00000005:lib(0):func(0):DH lib
The mod_tls will reject any SSL/TLS session renegotiation attempts by the client, in order to mitigate any issues arising from the SSL/TLS session renegotiation vulnerability (CVE-2009-3555). If, however, your particular site or clients absolutely require support for client-initiated SSL/TLS session renegotiations, then this option can be used. This is not recommended as it will leave you susceptible to a man in the middle attack (MITM). 

In order to get TLS working with ProFTPD 1.3.2c I have had to enable AllowClietnRenegotiations to overcome a know issues related to Bug#3324 which although fixed and should be fixed in 1.3.2c (which is the version in the synaptics repository for 10.04) it wasn't back ported correctly it is however fixed in 1.3.2d but that's not available as standard in 10.04 at this time. AllowClientRenegotiations does make your TLS/SSL connection susceptible to man in the middle attacks.
It kind of defeats the point of using TLS/SSL if you are subject to MITM attacks so I'll look into getting 1.3.2d or 1.3.3 installed on 10.04 Lucid.

1 comment:

Note: only a member of this blog may post a comment.